android - Generated DH key is too big -
i'm trying generate dh key pair public key has 2048 bit of length, everytime it's bigger
my code is
private static biginteger g = new biginteger("1234567890"); private static biginteger p = new biginteger("2"); private int l = 2048 security.addprovider(new bouncycastleprovider()); dhparameterspec dhparams = new dhparameterspec(p, g, l); keypairgenerator keygen = keypairgenerator.getinstance("dh", "bc"); keygen.initialize(dhparams); it seems lparam works wrong or misunderstood , don't know how fix it. advice
i think misunderstand 'l' parameter (also 'p' , 'g'). firstly, optional, can use new dhparameterspec(p, g). secondly, when used typically shorter bit length of 'p' (which supposed prime modulus, not "2"), e.g. in rfc 7919, appendix a.1. specifies 2048-bit modulus 'p' , generator 'g' = "2", suggested minimum 'l' value 225. means considered secure choose secret exponent (private key) 225 bits long, speeds key generation , dh operations significantly.
i recommend use parameter set rfc 7919.
Comments
Post a Comment